From ca12d2dbb8c00c521366a0e6aadd591af8140ae3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Tue, 3 Dec 2024 16:30:14 +0100
Subject: [PATCH] Adding patchinfo
 patchinfo.20241127021230441849.79497680141950

---
 .../_patchinfo                                | 36 +++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 patchinfo.20241127021230441849.79497680141950/_patchinfo

diff --git a/patchinfo.20241127021230441849.79497680141950/_patchinfo b/patchinfo.20241127021230441849.79497680141950/_patchinfo
new file mode 100644
index 0000000..949ca6f
--- /dev/null
+++ b/patchinfo.20241127021230441849.79497680141950/_patchinfo
@@ -0,0 +1,36 @@
+<patchinfo>
+  <!-- generated from request(s) 353312 -->
+  <issue tracker="bnc" id="1224788">VUL-0: CVE-2024-35195: python-requests: session object does not verify requests after making first request with verify=False</issue>
+  <issue tracker="bnc" id="1226321">HTTPie SSL certificate problems with python-requests 2.32.3 (fine with 2.32.2)</issue>
+  <issue tracker="bnc" id="1231500">registercloudguest throws SSL error on registration call</issue>
+  <issue tracker="cve" id="2024-35195"/>
+  <packager>StevenK</packager>
+  <rating>moderate</rating>
+  <category>security</category>
+  <summary>Security update for python-requests</summary>
+  <description>This update for python-requests contains the following fixes:
+
+- Add patch to fix to inject the default CA bundles if they are not specified.
+    (bsc#1226321, bsc#1231500)
+
+- Remove Requires on python-py, it should have been removed earlier. 
+
+- update to 2.32.3:
+  * Fixed bug breaking the ability to specify custom SSLContexts
+    in sub-classes of HTTPAdapter.
+  * Fixed issue where Requests started failing to run on Python
+    versions compiled without the `ssl` module.
+
+  * To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0,
+    we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing
+    custom HTTPAdapters will need to migrate their code to use this new API. get_connection is
+  * Fixed an issue where setting verify=False on the first request from a Session
+    will cause subsequent requests to the same origin to also ignore cert verification,
+  * verify=True now reuses a global SSLContext which should improve request time
+  * Requests now supports optional use of character detection (chardet or charset_normalizer)
+    when repackaged or vendored. This enables pip and other projects to minimize their
+</description>
+  <package>python-requests</package>
+  <package>python-requests:test</package>
+  <seperate_build_arch/>
+</patchinfo>